Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Apr 2024 20:25:01 GMT
From:      Rene Ladan <rene@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 3a4d8de87ce0 - main - dns/bind916: Remove expired port
Message-ID:  <202404302025.43UKP1BU011406@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by rene:

URL: https://cgit.FreeBSD.org/ports/commit/?id=3a4d8de87ce0160ab4bfe85f60c6d1922d9fa3c4

commit 3a4d8de87ce0160ab4bfe85f60c6d1922d9fa3c4
Author:     Rene Ladan <rene@FreeBSD.org>
AuthorDate: 2024-04-30 20:24:52 +0000
Commit:     Rene Ladan <rene@FreeBSD.org>
CommitDate: 2024-04-30 20:24:52 +0000

    dns/bind916: Remove expired port
    
    2024-04-30 dns/bind916: End of life, please migrate to a newer version of BIND9
---
 MOVED                                              |   1 +
 dns/Makefile                                       |   1 -
 dns/bind916/Makefile                               | 227 ----------
 dns/bind916/distinfo                               |   3 -
 dns/bind916/files/BIND.chroot.dist                 |  24 --
 dns/bind916/files/BIND.chroot.local.dist           |  18 -
 dns/bind916/files/bind-v9.16.0-tcp_quota_fix.patch | 341 ---------------
 dns/bind916/files/empty.db                         |   8 -
 dns/bind916/files/extrapatch-bind-min-override-ttl |  61 ---
 dns/bind916/files/localhost-forward.db             |   8 -
 dns/bind916/files/localhost-reverse.db             |  10 -
 dns/bind916/files/named.conf.in                    | 378 -----------------
 dns/bind916/files/named.in                         | 464 ---------------------
 dns/bind916/files/named.root                       |  92 ----
 .../files/patch-bin_named_include_named_globals.h  |  13 -
 .../patch-bin_tests_system_dlzexternal_Makefile.in |  13 -
 dns/bind916/files/patch-configure                  |  92 ----
 dns/bind916/files/patch-no-bind-tools              |  46 --
 dns/bind916/files/pkg-message.in                   |  22 -
 dns/bind916/pkg-descr                              |  13 -
 dns/bind916/pkg-help                               |  30 --
 dns/bind916/pkg-plist                              | 331 ---------------
 22 files changed, 1 insertion(+), 2195 deletions(-)

diff --git a/MOVED b/MOVED
index 2ecf16307e8a..3db0a11381c4 100644
--- a/MOVED
+++ b/MOVED
@@ -3205,3 +3205,4 @@ lang/tcl9|lang/tcl90|2024-04-30|Renamed for consistency with the 8.x series port
 deskutils/aspostit||2024-04-30|Has expired: Unmaintained, last upstream release in 2001
 x11-toolkits/p5-Tk-FileDialog||2024-04-30|Has expired: Does not work with recent Tk versions
 www/py-django-dpaste||2024-04-30|Has expired
+dns/bind916|dns/bind918|2024-04-30|Has expired: End of life, please migrate to a newer version of BIND9
diff --git a/dns/Makefile b/dns/Makefile
index 3717716f6067..587157026a25 100644
--- a/dns/Makefile
+++ b/dns/Makefile
@@ -7,7 +7,6 @@
     SUBDIR += axfr2acl
     SUBDIR += bind-tools
     SUBDIR += bind9-devel
-    SUBDIR += bind916
     SUBDIR += bind918
     SUBDIR += bindgraph
     SUBDIR += blocky
diff --git a/dns/bind916/Makefile b/dns/bind916/Makefile
deleted file mode 100644
index 89e72f532b6b..000000000000
--- a/dns/bind916/Makefile
+++ /dev/null
@@ -1,227 +0,0 @@
-# pkg-help formatted with fmt 59 63
-
-PORTNAME=	bind
-DISTVERSION=	9.16.50
-PORTREVISION=	1
-CATEGORIES=	dns net
-MASTER_SITES=	ISC/bind9/${DISTVERSION}
-PKGNAMESUFFIX=	916
-DISTNAME=	${PORTNAME}-${DISTVERSION}
-
-MAINTAINER=	mat@FreeBSD.org
-COMMENT=	BIND DNS suite with updated DNSSEC and DNS64
-WWW=		https://www.isc.org/bind/
-
-DEPRECATED=	End of life, please migrate to a newer version of BIND9
-EXPIRATION_DATE=	2024-04-30
-
-LICENSE=	MPL20
-LICENSE_FILE=	${WRKSRC}/LICENSE
-
-LIB_DEPENDS=	libuv.so:devel/libuv \
-		libxml2.so:textproc/libxml2
-RUN_DEPENDS=	bind-tools>0:dns/bind-tools
-
-USES=		compiler:c11 cpe libedit pkgconfig ssl tar:xz
-
-CPE_VENDOR=	isc
-CPE_VERSION=	${DISTVERSION:C/-.*//}
-.if ${DISTVERSION:M*-*}
-CPE_UPDATE=	${DISTVERSION:C/.*-//:tl}
-.endif
-
-GNU_CONFIGURE=	yes
-GNU_CONFIGURE_MANPREFIX=	${PREFIX}/share
-CONFIGURE_ARGS=	--disable-linux-caps \
-		--localstatedir=/var \
-		--sysconfdir=${ETCDIR} \
-		--with-dlopen=yes \
-		--without-python \
-		--with-libxml2 \
-		--with-openssl=${OPENSSLBASE} \
-		--with-readline="-L${LOCALBASE}/lib -ledit"
-ETCDIR=		${PREFIX}/etc/namedb
-
-USE_RC_SUBR=		named
-SUB_FILES=		named.conf pkg-message
-
-PORTDOCS=	*
-
-CONFLICTS=	bind9[0-9][0-9] bind9-devel
-
-MAKE_JOBS_UNSAFE=	yes
-
-OPTIONS_DEFAULT=	DLZ_FILESYSTEM GSSAPI_NONE IDN JSON LMDB \
-			TCP_FASTOPEN DNSTAP
-OPTIONS_DEFINE=		DNSTAP DOCS FIXED_RRSET GEOIP IDN JSON LARGE_FILE LMDB \
-			OVERRIDECACHE PORTREVISION QUERYTRACE \
-			START_LATE TCP_FASTOPEN
-
-OPTIONS_RADIO=		CRYPTO
-OPTIONS_RADIO_CRYPTO=	NATIVE_PKCS11
-
-OPTIONS_GROUP=		DLZ
-OPTIONS_GROUP_DLZ=	DLZ_BDB DLZ_FILESYSTEM DLZ_LDAP DLZ_MYSQL \
-			DLZ_POSTGRESQL DLZ_STUB
-
-OPTIONS_SINGLE=		GSSAPI
-OPTIONS_SINGLE_GSSAPI=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
-
-OPTIONS_SUB=	yes
-
-CRYPTO_DESC=		Choose which crypto engine to use
-DLZ_BDB_DESC=		DLZ BDB driver
-DLZ_DESC=		Dynamically Loadable Zones
-DLZ_FILESYSTEM_DESC=	DLZ filesystem driver
-DLZ_LDAP_DESC=		DLZ LDAP driver
-DLZ_MYSQL_DESC=		DLZ MySQL driver (no threading)
-DLZ_POSTGRESQL_DESC=	DLZ Postgres driver
-DLZ_STUB_DESC=		DLZ stub driver
-DNSTAP_DESC=		Provides fast passive logging of DNS messages
-FIXED_RRSET_DESC=	Enable fixed rrset ordering
-GSSAPI_BASE_DESC=	Using Heimdal in base (nsupdate is broken)
-GSSAPI_HEIMDAL_DESC=	Using security/heimdal (nsupdate is broken)
-GSSAPI_MIT_DESC=	Using security/krb5
-GSSAPI_NONE_DESC=	Disable
-LARGE_FILE_DESC=	64-bit file support
-LMDB_DESC=		Use LMDB for zone management
-OVERRIDECACHE_DESC=	Use the override-cache patch
-NATIVE_PKCS11_DESC=	Use PKCS\#11 native API (**READ HELP**)
-PORTREVISION_DESC=	Show PORTREVISION in the version string
-QUERYTRACE_DESC=	Enable the very verbose query tracelogging
-START_LATE_DESC=	Start BIND late in the boot process (see help)
-TCP_FASTOPEN_DESC=	RFC 7413 support
-
-DLZ_BDB_CONFIGURE_ON=	--with-dlz-bdb=yes
-DLZ_BDB_USES=		bdb
-
-DLZ_FILESYSTEM_CONFIGURE_ON=	--with-dlz-filesystem=yes
-
-DLZ_LDAP_CONFIGURE_ON=	--with-dlz-ldap=yes
-DLZ_LDAP_USES=		ldap
-
-DLZ_MYSQL_CONFIGURE_ON=	--with-dlz-mysql=yes
-DLZ_MYSQL_USES=		mysql
-
-DLZ_POSTGRESQL_CONFIGURE_ON=	--with-dlz-postgres=yes
-DLZ_POSTGRESQL_USES=		pgsql
-
-DLZ_STUB_CONFIGURE_ON=	--with-dlz-stub=yes
-
-DOCS_BUILD_DEPENDS=	sphinx-build:textproc/py-sphinx \
-			${PYTHON_PKGNAMEPREFIX}sphinx_rtd_theme>0:textproc/py-sphinx_rtd_theme@${PY_FLAVOR}
-DOCS_USES=	python:env
-
-DNSTAP_CONFIGURE_ENABLE=	dnstap
-DNSTAP_LIB_DEPENDS=		libfstrm.so:devel/fstrm \
-				libprotobuf-c.so:devel/protobuf-c
-
-FIXED_RRSET_CONFIGURE_ENABLE=	fixed-rrset
-
-GEOIP_CONFIGURE_ENABLE=	geoip
-GEOIP_CONFIGURE_WITH=	maxminddb
-GEOIP_LIB_DEPENDS=	libmaxminddb.so:net/libmaxminddb
-
-GSSAPI_BASE_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
-				${GSSAPI_CONFIGURE_ARGS}
-GSSAPI_BASE_USES=		gssapi
-
-GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
-				${GSSAPI_CONFIGURE_ARGS}
-GSSAPI_HEIMDAL_USES=		gssapi:heimdal
-
-GSSAPI_MIT_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
-				${GSSAPI_CONFIGURE_ARGS}
-GSSAPI_MIT_USES=		gssapi:mit
-
-GSSAPI_NONE_CONFIGURE_ON=	--without-gssapi
-
-IDN_CONFIGURE_OFF=	--without-libidn2
-IDN_CONFIGURE_ON=	${ICONV_CONFIGURE_BASE} \
-			--with-libidn2=${LOCALBASE}
-IDN_LIB_DEPENDS=	libidn2.so:dns/libidn2
-IDN_USES=		iconv
-
-JSON_CONFIGURE_WITH=	json-c
-JSON_LIB_DEPENDS=	libjson-c.so:devel/json-c
-JSON_LDFLAGS=		-L${LOCALBASE}/lib -ljson-c
-
-LARGE_FILE_CONFIGURE_ENABLE=	largefile
-
-LMDB_CONFIGURE_WITH=	lmdb=${LOCALBASE}
-LMDB_LIB_DEPENDS=	liblmdb.so:databases/lmdb
-
-OVERRIDECACHE_EXTRA_PATCHES=	${FILESDIR}/extrapatch-bind-min-override-ttl
-
-NATIVE_PKCS11_CONFIGURE_ENABLE=	native-pkcs11
-
-QUERYTRACE_CONFIGURE_ENABLE=	querytrace
-
-START_LATE_SUB_LIST=		NAMED_BEFORE="LOGIN" \
-				NAMED_REQUIRE="SERVERS cleanvar"
-START_LATE_SUB_LIST_OFF=	NAMED_BEFORE="SERVERS" \
-				NAMED_REQUIRE="NETWORKING ldconfig syslogd"
-
-TCP_FASTOPEN_CONFIGURE_ENABLE=	tcp-fastopen
-
-.include <bsd.port.options.mk>
-
-.if defined(WITH_DEBUG)
-CONFIGURE_ARGS+=	--enable-developer \
-			--enable-symtable
-USES+=			perl5
-USE_PERL5=		build
-BUILD_DEPENDS+=		cmocka>0:sysutils/cmocka
-.else
-CONFIGURE_ARGS+=	--disable-symtable
-.endif
-
-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-SUB_LIST+=	ENGINES=/usr/lib/engines
-.else
-SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
-.endif
-
-post-patch:
-.for FILE in named-checkconf.8 named.8 named.conf.5 nsupdate.1 \
-	rndc.8
-	@${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \
-		-e 's#/etc/rndc.conf#${ETCDIR}/rndc.conf#g' \
-		-e "s#/var\/run\/named\/named.pid#/var/run/named/pid#" \
-		${WRKSRC}/doc/man/${FILE}in
-.endfor
-
-.  if ${PORTREVISION:N0}
-post-patch-PORTREVISION-on:
-	@${REINPLACE_CMD} -e '/EXTENSIONS/s#=$$#=_${PORTREVISION}#' \
-		${WRKSRC}/version
-.  endif
-
-post-build-DOCS-on:
-	cd ${WRKSRC}/doc/arm && ${MAKE} html
-
-post-install:
-	${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
-	${MKDIR} ${STAGEDIR}${ETCDIR}
-.  for i in dynamic master slave working
-	@${MKDIR} ${STAGEDIR}${ETCDIR}/$i
-.  endfor
-	${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample
-	${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR}
-	${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/master
-	${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${STAGEDIR}${ETCDIR}/master
-	${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master
-	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.dist.sample
-	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.local.dist.sample
-	${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
-		${STAGEDIR}${ETCDIR}/rndc.conf.sample
-
-post-install-DOCS-on:
-	${MKDIR} ${STAGEDIR}${DOCSDIR}/arm
-	${INSTALL_DATA} ${WRKSRC}/CHANGES* ${WRKSRC}/HISTORY.md \
-		${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
-	cd ${WRKSRC}/doc/arm/_build/html && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR}/arm
-
-.include <bsd.port.post.mk>
diff --git a/dns/bind916/distinfo b/dns/bind916/distinfo
deleted file mode 100644
index fa4268e146f3..000000000000
--- a/dns/bind916/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1713682578
-SHA256 (bind-9.16.50.tar.xz) = 816dbaa3c115019f30fcebd9e8ef8f7637f4adde91c79daa099b035255a15795
-SIZE (bind-9.16.50.tar.xz) = 5134620
diff --git a/dns/bind916/files/BIND.chroot.dist b/dns/bind916/files/BIND.chroot.dist
deleted file mode 100644
index 5616dd712f6b..000000000000
--- a/dns/bind916/files/BIND.chroot.dist
+++ /dev/null
@@ -1,24 +0,0 @@
-# mtree -deU -f files/BIND.chroot.dist -p tmp
-# mtree -cjnb -k uname,gname,mode -p tmp
-
-/set type=file uname=root gname=wheel mode=0755
-.               type=dir
-    dev             type=dir mode=0555
-    ..
-    etc             type=dir
-    ..
-    tmp             type=dir mode=01777
-    ..
-/set type=file uname=bind gname=bind mode=0755
-    var             type=dir uname=root gname=wheel
-        dump            type=dir
-        ..
-        log             type=dir
-        ..
-        run             type=dir
-            named           type=dir
-            ..
-        ..
-        stats           type=dir
-        ..
-    ..
diff --git a/dns/bind916/files/BIND.chroot.local.dist b/dns/bind916/files/BIND.chroot.local.dist
deleted file mode 100644
index 81fca3df322c..000000000000
--- a/dns/bind916/files/BIND.chroot.local.dist
+++ /dev/null
@@ -1,18 +0,0 @@
-# mtree -deU -f files/BIND.etc.dist -p tmp
-# mtree -cjnb -k uname,gname,mode -p tmp
-
-/set type=file uname=root gname=wheel mode=0755
-.               type=dir
-    etc             type=dir
-/set type=file uname=bind gname=wheel mode=0755
-        namedb          type=dir uname=root
-            dynamic         type=dir
-            ..
-            master          type=dir uname=root
-            ..
-            slave           type=dir
-            ..
-            working         type=dir
-            ..
-        ..
-    ..
diff --git a/dns/bind916/files/bind-v9.16.0-tcp_quota_fix.patch b/dns/bind916/files/bind-v9.16.0-tcp_quota_fix.patch
deleted file mode 100644
index bad95dddc192..000000000000
--- a/dns/bind916/files/bind-v9.16.0-tcp_quota_fix.patch
+++ /dev/null
@@ -1,341 +0,0 @@
-diff --git a/lib/isc/netmgr/netmgr-int.h b/lib/isc/netmgr/netmgr-int.h
-index ae83f943d3..c85065f39d 100644
---- a/lib/isc/netmgr/netmgr-int.h
-+++ b/lib/isc/netmgr/netmgr-int.h
-@@ -356,7 +356,16 @@ struct isc_nmsocket {
- 	 */
- 	isc_quota_t *quota;
- 	isc_quota_t *pquota;
--	bool	     overquota;
-+
-+	/*%
-+	 * How many connections we have not accepted due to quota?
-+	 * When we close a connection we need to accept a new one.
-+	 */
-+	int overquota;
-+	/*%
-+	 * How many active connections we have?
-+	 */
-+	int conns;
- 
- 	/*%
- 	 * Socket statistics
-diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
-index f4361575cc..26728c1ba6 100644
---- a/lib/isc/netmgr/netmgr.c
-+++ b/lib/isc/netmgr/netmgr.c
-@@ -727,6 +727,11 @@ nmsocket_cleanup(isc_nmsocket_t *sock, bool dofree)
- 		for (int i = 0; i < sock->nchildren; i++) {
- 			if (!atomic_load(&sock->children[i].destroying)) {
- 				nmsocket_cleanup(&sock->children[i], false);
-+				if (sock->statsindex != NULL) {
-+					isc__nm_decstats(
-+						sock->mgr,
-+						sock->statsindex[STATID_ACTIVE]);
-+				}
- 			}
- 		}
- 
-@@ -738,6 +743,9 @@ nmsocket_cleanup(isc_nmsocket_t *sock, bool dofree)
- 		sock->children = NULL;
- 		sock->nchildren = 0;
- 	}
-+	if (sock->statsindex != NULL) {
-+		isc__nm_decstats(sock->mgr, sock->statsindex[STATID_ACTIVE]);
-+	}
- 
- 	if (sock->tcphandle != NULL) {
- 		isc_nmhandle_unref(sock->tcphandle);
-@@ -854,8 +862,6 @@ isc__nmsocket_prep_destroy(isc_nmsocket_t *sock)
- 	if (sock->children != NULL) {
- 		for (int i = 0; i < sock->nchildren; i++) {
- 			atomic_store(&sock->children[i].active, false);
--			isc__nm_decstats(sock->mgr,
--					 sock->statsindex[STATID_ACTIVE]);
- 		}
- 	}
- 
-diff --git a/lib/isc/netmgr/tcp.c b/lib/isc/netmgr/tcp.c
-index a83fede0d2..58ffd3c404 100644
---- a/lib/isc/netmgr/tcp.c
-+++ b/lib/isc/netmgr/tcp.c
-@@ -26,12 +26,28 @@
- #include <isc/region.h>
- #include <isc/result.h>
- #include <isc/sockaddr.h>
-+#include <isc/stdtime.h>
- #include <isc/thread.h>
- #include <isc/util.h>
- 
- #include "netmgr-int.h"
- #include "uv-compat.h"
- 
-+static atomic_uint_fast32_t last_tcpquota_log = ATOMIC_VAR_INIT(0);
-+
-+static bool
-+can_log_tcp_quota() {
-+	isc_stdtime_t now, last;
-+
-+	isc_stdtime_get(&now);
-+	last = atomic_exchange_relaxed(&last_tcpquota_log, now);
-+	if (now != last) {
-+		return (true);
-+	}
-+
-+	return (false);
-+}
-+
- static int
- tcp_connect_direct(isc_nmsocket_t *sock, isc__nm_uvreq_t *req);
- 
-@@ -668,9 +684,6 @@ read_cb(uv_stream_t *stream, ssize_t nread, const uv_buf_t *buf)
- 	}
- 
- 	isc__nm_free_uvbuf(sock, buf);
--	if (sock->quota) {
--		isc_quota_detach(&sock->quota);
--	}
- 
- 	/*
- 	 * This might happen if the inner socket is closing.  It means that
-@@ -699,6 +712,7 @@ accept_connection(isc_nmsocket_t *ssock)
- 	struct sockaddr_storage ss;
- 	isc_sockaddr_t		local;
- 	int			r;
-+	bool overquota = false;
- 
- 	REQUIRE(VALID_NMSOCK(ssock));
- 	REQUIRE(ssock->tid == isc_nm_tid());
-@@ -711,10 +725,25 @@ accept_connection(isc_nmsocket_t *ssock)
- 
- 	if (ssock->pquota != NULL) {
- 		result = isc_quota_attach(ssock->pquota, &quota);
-+
-+		/*
-+		 * We share the quota between all TCP sockets. Others
-+		 * may have used up all the quota slots, in which case
-+		 * this socket could starve. So we only fail here if we
-+		 * already had at least one active connection on this
-+		 * socket. This guarantees that we'll maintain some level
-+		 * of service while over quota, and will resume normal
-+		 * service when the quota comes back down.
-+		 */
- 		if (result != ISC_R_SUCCESS) {
--			isc__nm_incstats(ssock->mgr,
--					 ssock->statsindex[STATID_ACCEPTFAIL]);
--			return (result);
-+			ssock->overquota++;
-+			overquota = true;
-+			if (ssock->conns > 0) {
-+				isc__nm_incstats(
-+					ssock->mgr,
-+					ssock->statsindex[STATID_ACCEPTFAIL]);
-+				return (result);
-+			}
- 		}
- 	}
- 
-@@ -761,6 +790,7 @@ accept_connection(isc_nmsocket_t *ssock)
- 	}
- 
- 	isc_nmsocket_attach(ssock, &csock->server);
-+	ssock->conns++;
- 
- 	handle = isc__nmhandle_get(csock, NULL, &local);
- 
-@@ -779,6 +809,9 @@ error:
- 	if (csock->quota != NULL) {
- 		isc_quota_detach(&csock->quota);
- 	}
-+	if (overquota) {
-+		ssock->overquota--;
-+	}
- 	/* We need to detach it properly to make sure uv_close is called. */
- 	isc_nmsocket_detach(&csock);
- 	return (result);
-@@ -793,14 +826,14 @@ tcp_connection_cb(uv_stream_t *server, int status)
- 	UNUSED(status);
- 
- 	result = accept_connection(ssock);
--	if (result != ISC_R_SUCCESS) {
--		if (result == ISC_R_QUOTA || result == ISC_R_SOFTQUOTA) {
--			ssock->overquota = true;
-+	if (result != ISC_R_SUCCESS && result != ISC_R_NOCONN) {
-+		if ((result != ISC_R_QUOTA && result != ISC_R_SOFTQUOTA) ||
-+		    can_log_tcp_quota()) {
-+			isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
-+				      ISC_LOGMODULE_NETMGR, ISC_LOG_ERROR,
-+				      "TCP connection failed: %s",
-+				      isc_result_totext(result));
- 		}
--		isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
--			      ISC_LOGMODULE_NETMGR, ISC_LOG_ERROR,
--			      "TCP connection failed: %s",
--			      isc_result_totext(result));
- 	}
- }
- 
-@@ -936,17 +969,27 @@ tcp_close_direct(isc_nmsocket_t *sock)
- 	REQUIRE(VALID_NMSOCK(sock));
- 	REQUIRE(sock->tid == isc_nm_tid());
- 	REQUIRE(sock->type == isc_nm_tcpsocket);
-+	isc_nmsocket_t *ssock = sock->server;
- 
- 	if (sock->quota != NULL) {
--		isc_nmsocket_t *ssock = sock->server;
--
- 		isc_quota_detach(&sock->quota);
--
--		if (ssock->overquota) {
-+	}
-+	if (ssock != NULL) {
-+		ssock->conns--;
-+		while (ssock->conns == 0 && ssock->overquota > 0) {
-+			ssock->overquota--;
- 			isc_result_t result = accept_connection(ssock);
--			if (result != ISC_R_QUOTA &&
--			    result != ISC_R_SOFTQUOTA) {
--				ssock->overquota = false;
-+			if (result == ISC_R_SUCCESS || result == ISC_R_NOCONN) {
-+				continue;
-+			}
-+			if ((result != ISC_R_QUOTA &&
-+			     result != ISC_R_SOFTQUOTA) ||
-+			    can_log_tcp_quota()) {
-+				isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
-+					      ISC_LOGMODULE_NETMGR,
-+					      ISC_LOG_ERROR,
-+					      "TCP connection failed: %s",
-+					      isc_result_totext(result));
- 			}
- 		}
- 	}
-diff --git a/lib/isc/netmgr/tcpdns.c b/lib/isc/netmgr/tcpdns.c
-index e384b73be9..f89eb359af 100644
---- a/lib/isc/netmgr/tcpdns.c
-+++ b/lib/isc/netmgr/tcpdns.c
-@@ -43,6 +43,9 @@ dnslisten_readcb(isc_nmhandle_t *handle, isc_region_t *region, void *arg);
- static void
- resume_processing(void *arg);
- 
-+static void
-+tcpdns_close_direct(isc_nmsocket_t *sock);
-+
- static inline size_t
- dnslen(unsigned char *base)
- {
-@@ -82,7 +85,6 @@ timer_close_cb(uv_handle_t *handle)
- {
- 	isc_nmsocket_t *sock = (isc_nmsocket_t *)uv_handle_get_data(handle);
- 	INSIST(VALID_NMSOCK(sock));
--	atomic_store(&sock->closed, true);
- 	isc_nmsocket_detach(&sock);
- }
- 
-@@ -94,9 +96,7 @@ dnstcp_readtimeout(uv_timer_t *timer)
- 
- 	REQUIRE(VALID_NMSOCK(sock));
- 	REQUIRE(sock->tid == isc_nm_tid());
--
--	isc_nmsocket_detach(&sock->outer);
--	uv_close((uv_handle_t *)&sock->timer, timer_close_cb);
-+	tcpdns_close_direct(sock);
- }
- 
- /*
-@@ -252,7 +252,9 @@ dnslisten_readcb(isc_nmhandle_t *handle, isc_region_t *region, void *arg)
- 		 * We have a packet: stop timeout timers
- 		 */
- 		atomic_store(&dnssock->outer->processing, true);
--		uv_timer_stop(&dnssock->timer);
-+		if (dnssock->timer_initialized) {
-+			uv_timer_stop(&dnssock->timer);
-+		}
- 
- 		if (atomic_load(&dnssock->sequential)) {
- 			/*
-@@ -399,8 +401,10 @@ resume_processing(void *arg)
- 	if (atomic_load(&sock->ah) == 0) {
- 		/* Nothing is active; sockets can timeout now */
- 		atomic_store(&sock->outer->processing, false);
--		uv_timer_start(&sock->timer, dnstcp_readtimeout,
--			       sock->read_timeout, 0);
-+		if (sock->timer_initialized) {
-+			uv_timer_start(&sock->timer, dnstcp_readtimeout,
-+				       sock->read_timeout, 0);
-+		}
- 	}
- 
- 	/*
-@@ -413,7 +417,9 @@ resume_processing(void *arg)
- 		result = processbuffer(sock, &handle);
- 		if (result == ISC_R_SUCCESS) {
- 			atomic_store(&sock->outer->processing, true);
--			uv_timer_stop(&sock->timer);
-+			if (sock->timer_initialized) {
-+				uv_timer_stop(&sock->timer);
-+			}
- 			isc_nmhandle_unref(handle);
- 		} else if (sock->outer != NULL) {
- 			isc_nm_resumeread(sock->outer);
-@@ -441,7 +447,9 @@ resume_processing(void *arg)
- 			break;
- 		}
- 
--		uv_timer_stop(&sock->timer);
-+		if (sock->timer_initialized) {
-+			uv_timer_stop(&sock->timer);
-+		}
- 		atomic_store(&sock->outer->processing, true);
- 		isc_nmhandle_unref(dnshandle);
- 	} while (atomic_load(&sock->ah) < TCPDNS_CLIENTS_PER_CONN);
-@@ -507,18 +515,29 @@ static void
- tcpdns_close_direct(isc_nmsocket_t *sock)
- {
- 	REQUIRE(sock->tid == isc_nm_tid());
--	if (sock->outer != NULL) {
--		sock->outer->rcb.recv = NULL;
--		isc_nmsocket_detach(&sock->outer);
--	}
--	if (sock->listener != NULL) {
--		isc_nmsocket_detach(&sock->listener);
--	}
- 	/* We don't need atomics here, it's all in single network thread */
- 	if (sock->timer_initialized) {
-+		/*
-+		 * We need to fire the timer callback to clean it up,
-+		 * it will then call us again (via detach) so that we
-+		 * can finally close the socket.
-+		 */
- 		sock->timer_initialized = false;
- 		uv_timer_stop(&sock->timer);
- 		uv_close((uv_handle_t *)&sock->timer, timer_close_cb);
-+	} else {
-+		/*
-+		 * At this point we're certain that there are no external
-+		 * references, we can close everything.
-+		 */
-+		if (sock->outer != NULL) {
-+			sock->outer->rcb.recv = NULL;
-+			isc_nmsocket_detach(&sock->outer);
-+		}
-+		if (sock->listener != NULL) {
-+			isc_nmsocket_detach(&sock->listener);
-+		}
-+		atomic_store(&sock->closed, true);
- 	}
- }
- 
-diff --git a/lib/isc/netmgr/uverr2result.c b/lib/isc/netmgr/uverr2result.c
-index b6a8065e3e..9781454ca6 100644
---- a/lib/isc/netmgr/uverr2result.c
-+++ b/lib/isc/netmgr/uverr2result.c
-@@ -38,6 +38,8 @@ isc___nm_uverr2result(int uverr, bool dolog, const char *file,
- 		return (ISC_R_INVALIDFILE);
- 	case UV_ENOENT:
- 		return (ISC_R_FILENOTFOUND);
-+	case UV_EAGAIN:
-+		return (ISC_R_NOCONN);
- 	case UV_EACCES:
- 	case UV_EPERM:
- 		return (ISC_R_NOPERM);
diff --git a/dns/bind916/files/empty.db b/dns/bind916/files/empty.db
deleted file mode 100644
index 30870e74342f..000000000000
--- a/dns/bind916/files/empty.db
+++ /dev/null
@@ -1,8 +0,0 @@
-$TTL 3h
-@ SOA @ nobody.localhost. 42 1d 12h 1w 3h
-	; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
-@	NS	@
-
-; Silence a BIND warning
-@	A	127.0.0.1
diff --git a/dns/bind916/files/extrapatch-bind-min-override-ttl b/dns/bind916/files/extrapatch-bind-min-override-ttl
deleted file mode 100644
index f6f2dc707250..000000000000
--- a/dns/bind916/files/extrapatch-bind-min-override-ttl
+++ /dev/null
@@ -1,61 +0,0 @@
-Add the override-cache-ttl feature.
-
---- bin/named/config.c.orig	2024-04-03 12:48:29 UTC
-+++ bin/named/config.c
-@@ -177,6 +177,7 @@ options {\n\
- 	notify-source *;\n\
- 	notify-source-v6 *;\n\
- 	nsec3-test-zone no;\n\
-+	override-cache-ttl 0; /* do not override */\n\
- 	parental-source *;\n\
- 	parental-source-v6 *;\n\
- 	provide-ixfr true;\n\
---- bin/named/server.c.orig	2024-04-03 12:48:29 UTC
-+++ bin/named/server.c
-@@ -4449,6 +4449,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
- 	}
- 
- 	obj = NULL;
-+	result = named_config_get(maps, "override-cache-ttl", &obj);
-+	INSIST(result == ISC_R_SUCCESS);
-+	view->overridecachettl = cfg_obj_asduration(obj);
-+
-+	obj = NULL;
- 	result = named_config_get(maps, "max-cache-ttl", &obj);
- 	INSIST(result == ISC_R_SUCCESS);
- 	view->maxcachettl = cfg_obj_asduration(obj);
---- lib/dns/include/dns/view.h.orig	2024-04-03 12:48:29 UTC
-+++ lib/dns/include/dns/view.h
-@@ -154,6 +154,7 @@ struct dns_view {
- 	bool		      requestnsid;
- 	bool		      sendcookie;
- 	dns_ttl_t	      maxcachettl;
-+	dns_ttl_t	      overridecachettl;
- 	dns_ttl_t	      maxncachettl;
- 	dns_ttl_t	      mincachettl;
- 	dns_ttl_t	      minncachettl;
---- lib/dns/resolver.c.orig	2024-04-03 12:48:29 UTC
-+++ lib/dns/resolver.c
-@@ -6494,6 +6494,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
- 		}
- 
- 		/*
-+		 * Enforce the configure cache TTL override.
-+		 */
-+                if (res->view->overridecachettl)
-+                        rdataset->ttl = res->view->overridecachettl;
-+
-+		/*
- 		 * Enforce the configure maximum cache TTL.
- 		 */
- 		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2024-04-03 12:48:29 UTC
-+++ lib/isccfg/namedconf.c
-@@ -2054,6 +2054,7 @@ static cfg_clausedef_t view_clauses[] = {
- #endif /* ifdef HAVE_LMDB */
- 	{ "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE },
- 	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
-+	{ "override-cache-ttl", &cfg_type_duration, 0 },
- 	{ "max-cache-ttl", &cfg_type_duration, 0 },
- 	{ "max-clients-per-query", &cfg_type_uint32, 0 },
- 	{ "max-ncache-ttl", &cfg_type_duration, 0 },
diff --git a/dns/bind916/files/localhost-forward.db b/dns/bind916/files/localhost-forward.db
deleted file mode 100644
index fdd2e9ce4bee..000000000000
--- a/dns/bind916/files/localhost-forward.db
+++ /dev/null
@@ -1,8 +0,0 @@
-$TTL 3h
-localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
-	; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
-	NS	localhost.
-
-	A	127.0.0.1
-	AAAA	::1
diff --git a/dns/bind916/files/localhost-reverse.db b/dns/bind916/files/localhost-reverse.db
deleted file mode 100644
index 376e94fa94a8..000000000000
--- a/dns/bind916/files/localhost-reverse.db
+++ /dev/null
@@ -1,10 +0,0 @@
-$TTL 3h
-@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
-	; Serial, Refresh, Retry, Expire, Neg. cache TTL
-
-	NS	localhost.
-
-1.0.0	PTR	localhost.
-
-1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
-
diff --git a/dns/bind916/files/named.conf.in b/dns/bind916/files/named.conf.in
deleted file mode 100644
index c3a367fd23ee..000000000000
--- a/dns/bind916/files/named.conf.in
+++ /dev/null
@@ -1,378 +0,0 @@
-// Refer to the named.conf(5) and named(8) man pages, and the documentation
-// in /usr/local/share/doc/bind for more details.
-//
-// If you are going to set up an authoritative server, make sure you
-// understand the hairy details of how DNS works.  Even with
-// simple mistakes, you can break connectivity for affected parties,
-// or cause huge amounts of useless Internet traffic.
-
-options {
-	// All file and path names are relative to the chroot directory,
-	// if any, and should be fully qualified.
-	directory	"%%ETCDIR%%/working";
-	pid-file	"/var/run/named/pid";
-	dump-file	"/var/dump/named_dump.db";
-	statistics-file	"/var/stats/named.stats";
-
-// If named is being used only as a local resolver, this is a safe default.
-// For named to be accessible to the network, comment this option, specify
-// the proper IP address, or delete this option.
-	listen-on	{ 127.0.0.1; };
-
-// If you have IPv6 enabled on this system, uncomment this option for
-// use as a local resolver.  To give access to the network, specify
-// an IPv6 address, or the keyword "any".
-//	listen-on-v6	{ ::1; };
-
-// These zones are already covered by the empty zones listed below.
-// If you remove the related empty zones below, comment these lines out.
-	disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
-	disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
-	disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
-
-// If you've got a DNS server around at your upstream provider, enter
-// its IP address here, and enable the line below.  This will make you
-// benefit from its cache, thus reduce overall DNS traffic in the Internet.
-/*
-	forwarders {
-		127.0.0.1;
-	};
-*/
-
-// If the 'forwarders' clause is not empty the default is to 'forward first'
-// which will fall back to sending a query from your local server if the name
-// servers in 'forwarders' do not have the answer.  Alternatively you can
-// force your name server to never initiate queries of its own by enabling the
-// following line:
-//	forward only;
-
-// If you wish to have forwarding configured automatically based on
-// the entries in /etc/resolv.conf, uncomment the following line and
-// set named_auto_forward=yes in /etc/rc.conf.  You can also enable
-// named_auto_forward_only (the effect of which is described above).
-//	include "%%ETCDIR%%/auto_forward.conf";
-
-	/*
-	   Modern versions of BIND use a random UDP port for each outgoing
-	   query by default in order to dramatically reduce the possibility
-	   of cache poisoning.  All users are strongly encouraged to utilize
-	   this feature, and to configure their firewalls to accommodate it.
-
-	   AS A LAST RESORT in order to get around a restrictive firewall
-	   policy you can try enabling the option below.  Use of this option
-	   will significantly reduce your ability to withstand cache poisoning
-	   attacks, and should be avoided if at all possible.
-
-	   Replace NNNNN in the example with a number between 49160 and 65530.
-	*/
-	// query-source address * port NNNNN;
-};
-
-// If you enable a local name server, don't forget to enter 127.0.0.1
-// first in your /etc/resolv.conf so this server will be queried.
-// Also, make sure to enable it in /etc/rc.conf.
-
-// The traditional root hints mechanism. Use this, OR the slave zones below.
-zone "." { type hint; file "%%ETCDIR%%/named.root"; };
-
-/*	Slaving the following zones from the root name servers has some
-	significant advantages:
-	1. Faster local resolution for your users
-	2. No spurious traffic will be sent from your network to the roots
-	3. Greater resilience to any potential root server failure/DDoS
-
-	On the other hand, this method requires more monitoring than the
-	hints file to be sure that an unexpected failure mode has not
-	incapacitated your server.  Name servers that are serving a lot
-	of clients will benefit more from this approach than individual
-	hosts.  Use with caution.
-
-	To use this mechanism, uncomment the entries below, and comment
-	the hint zone above.
-
-	As documented at http://dns.icann.org/services/axfr/ these zones:
-	"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
-	are available for AXFR from these servers on IPv4 and IPv6:
-	xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
-*/
-/*
-zone "." {
-	type slave;
-	file "%%ETCDIR%%/slave/root.slave";
-	masters {
-		192.0.32.132;           // lax.xfr.dns.icann.org
-		2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
-		192.0.47.132;           // iad.xfr.dns.icann.org
-		2620:0:2830:202::132;   // iad.xfr.dns.icann.org
-	};
-	notify no;
-};
-zone "arpa" {
-	type slave;
-	file "%%ETCDIR%%/slave/arpa.slave";
-	masters {
-		192.0.32.132;           // lax.xfr.dns.icann.org
-		2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
-		192.0.47.132;           // iad.xfr.dns.icann.org
-		2620:0:2830:202::132;   // iad.xfr.dns.icann.org
-	};
-	notify no;
-};
-zone "in-addr.arpa" {
-	type slave;
-	file "%%ETCDIR%%/slave/in-addr.arpa.slave";
-	masters {
-		192.0.32.132;           // lax.xfr.dns.icann.org
-		2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
-		192.0.47.132;           // iad.xfr.dns.icann.org
-		2620:0:2830:202::132;   // iad.xfr.dns.icann.org
-	};
-	notify no;
-};
-zone "ip6.arpa" {
-	type slave;
-	file "%%ETCDIR%%/slave/ip6.arpa.slave";
-	masters {
-		192.0.32.132;           // lax.xfr.dns.icann.org
-		2620:0:2d0:202::132;    // lax.xfr.dns.icann.org
-		192.0.47.132;           // iad.xfr.dns.icann.org
-		2620:0:2830:202::132;   // iad.xfr.dns.icann.org
-	};
-	notify no;
-};
-*/
-
-/*	Serving the following zones locally will prevent any queries
-	for these zones leaving your network and going to the root
-	name servers.  This has two significant advantages:
-	1. Faster local resolution for your users
-	2. No spurious traffic will be sent from your network to the roots
-*/
-// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
-zone "localhost"	{ type master; file "%%ETCDIR%%/master/localhost-forward.db"; };
-zone "127.in-addr.arpa"	{ type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
-zone "255.in-addr.arpa"	{ type master; file "%%ETCDIR%%/master/empty.db"; };
-
-// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
-zone "0.ip6.arpa"	{ type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
-
-// "This" Network (RFCs 1912, 5735 and 6303)
-zone "0.in-addr.arpa"	{ type master; file "%%ETCDIR%%/master/empty.db"; };
-
-// Private Use Networks (RFCs 1918, 5735 and 6303)
-zone "10.in-addr.arpa"	   { type master; file "%%ETCDIR%%/master/empty.db"; };
-zone "16.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
-zone "17.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
-zone "18.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
-zone "19.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
*** 1387 LINES SKIPPED ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202404302025.43UKP1BU011406>